Platforms combining Central Processing Systems (CPUs) with Field Programmable Gate Arrays (FPGAs) have become popular, as they promise high performance with energy efficiency. This is the result of the combination of FPGA accelerators tuned to the application, with the CPU providing the programming flexibility. Unfortunately, the security of these new platforms has received little attention: The classic software security assumption that hardware is immutable no longer holds. It is expected that attack surfaces will expand and threats will evolve, hence the trust models, and security solutions should be prepared. The attacker model should be enhanced and consider the following three basic entities as the source of threats: applications run by users, accelerators designed by third-party developers, and the cloud service providers enabling the computation on their platforms. In our work, we review current trust models and existing security assumptions and point out their shortcomings. We survey existing research that target secure remote FPGA configuration, the protection of intellectual property, and secure shared use of FPGAs. When combined, these are the foundations to build a solution for secure use of FPGAs in the cloud. In addition to analysing the existing research, we provide discussions on how to improve it and disclose various concerns that have not been addressed yet.

中文翻译：

---

信任 FPGA 加速的云计算

将中央处理系统 (CPU) 与现场可编程门阵列 (FPGA) 相结合的平台已变得流行，因为它们承诺高性能和高能效。这是针对应用程序调整的 FPGA 加速器组合的结果，CPU 提供了编程灵活性。不幸的是，这些新平台的安全性很少受到关注：硬件不可变的经典软件安全假设不再成立。预计攻击面将扩大，威胁将演变，因此应准备信任模型和安全解决方案。应该增强攻击者模型，并将以下三个基本实体视为威胁源：用户运行的应用程序、第三方开发人员设计的加速器、以及在其平台上启用计算的云服务提供商。在我们的工作中，我们回顾了当前的信任模型和现有的安全假设，并指出了它们的缺点。我们调查了针对安全远程 FPGA 配置、知识产权保护和 FPGA 安全共享使用的现有研究。结合起来，这些是构建在云中安全使用 FPGA 的解决方案的基础。除了分析现有研究之外，我们还讨论了如何改进它并披露了尚未解决的各种问题。FPGA 的安全共享使用。结合起来，这些是构建在云中安全使用 FPGA 的解决方案的基础。除了分析现有研究之外，我们还讨论了如何改进它并披露了尚未解决的各种问题。FPGA 的安全共享使用。结合起来，这些是构建在云中安全使用 FPGA 的解决方案的基础。除了分析现有研究之外，我们还讨论了如何改进它并披露了尚未解决的各种问题。